|
|
Posted by Colin McKinnon on 01/22/07 21:48
Rik wrote:
> wombat wrote:
>>
>> Are sessions url dependent? If so, is there a work-around?
>
> Cookies are host dependant (with an optional path).
> home.*.com is not the same host as www.*.com
>
> Carrying on sessions between domains is therefor not possible by cookie.
> The only workaround is carrying over the session_id by a POST or GET
> variable, and it may be necessary to write your own session_handler,
> instead of the default one in PHP, so you can still collect previously set
> session-data. This is not recommended, but possible.
I'd be interested to know why this is not recommended. I'm happy to be
proved wrong but I can't see why this is more dangerous than sessions
within a single vhost.
There's no need to write your own session handler if you're moving between
virtual hosts on the same server - just include the session id in
links/forms to the receiving end, and (at the receiving end) :
....
if (!session_id() && ($_REQUEST['throw_session'])) {
session_id($_REQUEST['throw_session']);
}
session_start();
....
HTH
C.
[Back to original message]
|